Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/02/04 11:6 p.m.8 views

CVE-2024-0702

The Oliver POS – A WooCommerce Point of Sale POS plugin for WordPress is vulnerable to unauthorized access due to missing capability checks on several functions hooked via AJAX in the includes/class-pos-bridge-install.php file in all versions up to, and including, 2.4.2.1 This makes it possible f...

7.3CVSS7.1AI score0.00511EPSS
Exploits0References1
NVD
NVD
added 2024/02/29 1:43 a.m.14 views

CVE-2024-0702

The Oliver POS – A WooCommerce Point of Sale POS plugin for WordPress is vulnerable to unauthorized access due to missing capability checks on several functions hooked via AJAX in the includes/class-pos-bridge-install.php file in all versions up to, and including, 2.4.2.1 This makes it possible f...

7.3CVSS6.9AI score0.00511EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/02/20 6:56 p.m.20 views

CVE-2024-0702 Oliver POS – A WooCommerce Point of Sale (POS) <= 2.4.2.1 - Missing Authorization

The Oliver POS – A WooCommerce Point of Sale POS plugin for WordPress is vulnerable to unauthorized access due to missing capability checks on several functions hooked via AJAX in the includes/class-pos-bridge-install.php file in all versions up to, and including, 2.4.2.1 This makes it possible f...

7.3CVSS7.1AI score0.00511EPSS
Exploits0References3
CVE
CVE
added 2024/02/20 6:56 p.m.50 views

CVE-2024-0702

CVE-2024-0702 concerns the Oliver POS plugin for WordPress. The issue is a missing capability check on several AJAX-hooked functions in includes/class-pos-bridge-install.php, affecting all versions up to and including 2.4.1.8. This design flaw allows authenticated users with subscriber-level acce...

7.3CVSS7.1AI score0.00511EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2024/02/20 12:0 a.m.8 views

WordPress Oliver POS Plugin <= 2.4.2.0 is vulnerable to Broken Access Control

Software Oliver POS Type Plugin Vulnerable versions = 2.4.2.0 Fixed in 2.4.2.1 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-0702 Patch priority High CVSS severity High 7.3 Developer Claim ownership PSID 77e616eb4620 Credits Francesco Carlucci Required...

7.3CVSS6.4AI score0.00511EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder